infoTECH News

[February 26, 2014]

Fighting the rise of the app attackers

(M2 PressWIRE Via Acquire Media NewsEdge) Fighting the rise of the app attackers Researchers have been given a share of 3 million by the Engineering and Physical Sciences Research Council (EPSRC) to counter cyber-criminals who are using malicious apps which can collude with each other to infect the smartphone in your pocket.

Malware attacks are rising year on year - and over one million new Android malware attacks were identified in 2013 by McAfee, a division of Intel Security.

Malicious apps can gain access to address books, GPS coordinates, passwords or pin numbers. They can redirect your data across the net, send you to phishing sites and also bypass the two-step authentication process used to access an ever-increasing number of online services such as banking or email. Criminals can monetise this information in a number of ways - by getting your phone to send messages to premium numbers, by remotely controlling an infected phone, by tricking you into revealing passwords and by using your stolen data.

The 3 million is funding two app research teams at Royal Holloway University of London, and City University London, Coventry and Swansea Universities as well as three teams carrying out research to enhance the UK's cyber-security.

Dr Lorenzo Cavallaro, Lecturer in the Information Security Group at Royal Holloway University of London, said: "You may think that the phone in your pocket is safe, but think again. We're used to considering our phones as a trusted, private channel of communication, and suitable to receive authentication information to access specific online services. Unfortunately, this information can be leaked or abused by colluding malware if the mobile device is infected." Dr Cavallaro's research team will study the behaviour of apps on Android operating systems and develop novel techniques to spot malicious apps, which of course, are designed to remain hidden. They will use this information to enrich or enhance devices to counteract attacks.

The latest cyber-threat to smartphones comes from apps working together or colluding. An example of collusion consists of one app permitted to access personal data, which passes the data to a second app allowed to transmit data over the network. This information can then be used by criminals.

Professor Tom Chen is leading research teams at City University London, Swansea and Coventry universities on app collusion detection. He said: "Currently almost all academic and industry efforts are focusing on single malicious apps; almost no attention has been given to colluding apps. Existing antivirus products are not designed to detect collusion." The team will develop new techniques to detect colluding apps and will curtail the threat before it becomes widespread. By design, Android is "open" in its flexibility to download apps from different sources. Its security depends on restricting apps by combining digital signatures, sandboxing, and permissions. These restrictions can be bypassed without the user noticing by colluding apps whose combined permissions allow them to carry out attacks that neither app could carry out alone.

Both research teams are partnering with McAfee, a division of Intel Security. The security company is providing researchers access to a library of safe apps and will assist in analysing malware so the researchers can test their behaviours.

Dr Igor Muttik, a Senior Principal Architect at McAfee, a division of Intel Security said: "We're up against really sophisticated malware - some even used by nation states for spying. All attackers are well aware of the technology involved in detecting and tracking them. These cybercriminals often take an industrial approach to malware; they try to maximise their benefits from it. So, we need to constantly raise the bar by improving the technology and this will make it more complex and less profitable for them to operate." Professor Chen, City University London, has some advice for smartphone users: "Be careful which apps you download, particularly if downloading from an unofficial app store, and be wary of an app which asks you to grant lots of permissions before it is installed." Notes to editors Projects funded by EPSRC - 3 million Projects Universities Led by Mobsec: Malware and Security in the Mobile Age Royal Holloway, University of London with partners, McAfee, a division of Intel Security.

Professor Tom Chen CIPART: Cloud Intelligent Protection at Run-Time Imperial College London Dr E C Lupu Bayesian Analysis of Competing Cyber Hypotheses University of Liverpool Professor S Maskell Robustness-as-evolvability: building a dynamic control plane with Software-Defined Networking University of Birmingham, University of Edinburgh Dr S Nagaraja Dr D Aspinall For media enquiries and images contact EPSRC Press Office: Email: pressoffice@epsrc.ac.uk or telephone: 01793 444 404 Image: Graph showing growth in new Android malware, courtesy McAfee, a division of Intel Security Image: A smartphone being used Academics available for interview: Dr Lorenzo Cavallaro, Royal Holloway, University of London: Email: Lorenzo.Cavallaro@rhul.ac.uk or telephone: 01784 414 381 Professor Tom Chen, City University London: Email: Tom.Chen.1@city.ac.uk or telephone: 0207 040 8926 Dr Igor Muttik, a Senior Principal Architect at McAfee, a division of Intel Security: Email: Igor_Muttik@McAfee.com or telephone: 01296 617756 The Engineering and Physical Sciences Research Council (EPSRC) is the UK's main agency for funding research in engineering and the physical sciences. EPSRC invests around 800 million a year in research and postgraduate training, to help the nation handle the next generation of technological change. The areas covered range from information technology to structural engineering, and mathematics to materials science. This research forms the basis for future economic development in the UK and improvements for everyone's health, lifestyle and culture. EPSRC works alongside other Research Councils with responsibility for other areas of research. The Research Councils work collectively on issues of common concern via Research Councils UK.

The funding for these awards is part of EPSRC's contribution to the RCUK Global Uncertainties theme.

Research Councils UK (RCUK) is the strategic partnership of the UK's seven Research Councils who annually invest around 3 billion in research. We support excellent research, as judged by peer review, that has an impact on the growth, prosperity and wellbeing of the UK. To maintain the UK's global research position we offer a diverse range of funding opportunities, foster international collaborations and provide access to the best facilities and infrastructure around the world. We also support the training and career development of researchers and work with them to inspire young people and engage the wider public with research. To maximise the impact of research on economic growth and societal wellbeing we work in partnership with other research funders including the Technology Strategy Board, the UK Higher Education funding bodies, business, government, and charitable organisations. www.rcuk.ac.uk.